<%@ page language="java" contentType="text/html; charset=utf-8"
    pageEncoding="utf-8"%>
<%@ page import="java.sql.*" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Insert title here</title>
</head>
<body>
<%!
	//定义数据库驱动程序
	public static final String DBDRIVER="org.gjt.mm.mysql.Driver";
	//数据库连接地址
	public static final String DBURL = "jdbc:mysql://localhost:3306/lab";
	public static final String DBUSER = "root";
	public static final String DBPASS = "123";
%>
<%
	Connection conn = null;                      //声明数据库连接对象
	PreparedStatement pstmt = null;              //声明数据库操作
	ResultSet rs = null;                         //声明数据库结果集
	boolean flag = false;                        //定义标志位
	String name = null;                          //接收用户名
	String id = request.getParameter("id");
	String sex = null;
	String age = null;
	String mail = null;
	String password = request.getParameter("password");
%>
<%  //JDBC操作抛出异常
try {
	Class.forName(DBDRIVER);                     //加载驱动程序
	conn = DriverManager.getConnection(DBURL,DBUSER,DBPASS);//取得数据库连接
	//编写sql语句，验证id密码
	String sql = "select * from user where userid=? and password=?";
	pstmt = conn.prepareStatement(sql);
	pstmt.setString(1,request.getParameter("id"));
	pstmt.setString(2,request.getParameter("password"));
	rs = pstmt.executeQuery();   //执行查询
	if(rs.next()){
		name = rs.getString(2);
		id = rs.getString(1);
		sex = rs.getString(3);
		age = rs.getString(4);
		mail = rs.getString(5);
		password = rs.getString(7);
		flag = true;
	}
}catch(Exception e){
	System.out.println(e);
}finally{
	try{
		rs.close();
		pstmt.close();
		conn.close();
	}catch(Exception e){}
}
%>
<%
	if(flag){                      //登陆成功，跳转到成功页面
%>
	<jsp:forward page="index.jsp">
	<jsp:param name="uname" value="<%=name %>"/>
	<jsp:param name="id" value="<%=id %>"/>
	<jsp:param name="sex" value="<%=sex %>"/>
	<jsp:param name="mail" value="<%=mail %>"/>
	<jsp:param name="age" value="<%=age %>"/>
	<jsp:param name="password" value="<%=password %>"/>
	</jsp:forward>
<%
	}else{          //登陆失败
%>
	<jsp:forward page="error.jsp">
		<jsp:param name="error" value="password wrong or id wrong"/>
		</jsp:forward>
	<%
	}
	%>
</body>
</html>